5 Replies Latest reply: Apr 22, 2013 5:54 PM by CHRIS_K_AU RSS

7-Mode User Administration

ASUNDSTROM
Currently Being Moderated

How do you manage user accounts in 7 mode given the following scenarios:

 

Enable disabled user account:

Controller1> useradmin user list Test3

Name: Test3

Info:

Rid: 111111

Groups: Group1

Full Name:

Allowed Capabilities: login-snmp

Password min/max age in days: 1/4294967295

Status: disabled

 

Change user password for first login:

When security.passwd.firstlogin.enable is set to on and using the principal of least privilege, how do you change the intial password?  Or let me ask, what is required to allow a user to change their password on first login if you are configuring SNMPv3 and only granting login-snmp?  Do they need the ability to login through SSH, if so what other capabilities are required for the user to change their password.  Let’s say the user only has login-snmp, login-ssh how would they change their password? There is no prompt when I login and I can login through SSH with the account with a status of expired. When I have these capabilities and try passwd , system log states that test needs the cli-passwd capability. If you grant that capability then that account can change any password.

 

Name: test

Info: Rid: 11112

Groups: Group1

Full Name:

Allowed Capabilities:

Password min/max age in days: 0/4294967295

Status: expired

More Like This

  • Retrieving data ...